Known Vulnerabilities for products from Hitachienergy
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Hitachienergy".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-2459 json | A vulnerability exists in REB500 for an authenticated user with Installer role to access and alter the contents of directorie... | Not Provided | 2026-02-24 | 2026-04-06 |
| CVE-2023-5768 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-12-04 | 2023-12-07 |
| CVE-2023-5767 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-12-04 | 2023-12-07 |
| CVE-2023-5516 json | Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclo... | 5.3 - MEDIUM | 2023-11-01 | 2023-11-08 |
| CVE-2023-5515 json | The responses for web queries with certain parameters disclose internal path of resources. This information can be used to l... | 5.3 - MEDIUM | 2023-11-01 | 2023-11-08 |
| CVE-2023-5514 json | The response messages received from the eSOMS report generation using certain parameter queries with full file path can be a... | 5.3 - MEDIUM | 2023-11-01 | 2023-11-08 |
| CVE-2023-4816 json | A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password valid... | 8.8 - HIGH | 2023-09-11 | 2023-09-13 |
| CVE-2023-4518 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-01 | 2023-12-06 |
| CVE-2023-2622 json | Authenticated clients can read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the Insp... | 4.3 - MEDIUM | 2023-11-01 | 2023-11-08 |
| CVE-2023-2621 json | The McFeeder server (distributed as part of SSW package), is susceptible to an arbitrary file write vulnerability on the MAI... | 6.5 - MEDIUM | 2023-11-01 | 2023-11-08 |
| CVE-2023-1711 json | A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that use remote authentication to t... | 4.4 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2023-1514 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-12-19 | 2023-12-28 |
| CVE-2022-29922 json | Improper Input Validation vulnerability in the handling of a specially crafted IEC 61850 packet with a valid data item but wi... | 7.5 - HIGH | 2022-09-14 | 2022-10-05 |
| CVE-2022-29492 json | Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the Hitachi Energy MicroSCADA X ... | 7.5 - HIGH | 2022-09-14 | 2022-10-05 |
| CVE-2022-29490 json | Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600 allows an auth... | 8.8 - HIGH | 2022-09-12 | 2023-06-28 |
| CVE-2022-28613 json | A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi Energy RTU500 series CMU Firmware that is caused by the validation... | 7.5 - HIGH | 2022-05-02 | 2023-07-21 |
| CVE-2022-4608 json | A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnera... | 7.5 - HIGH | 2023-07-26 | 2023-08-03 |
| CVE-2022-3929 json | Communication between the client and the server application of the affected products is partially done using CORBA (Common Ob... | 9.8 - CRITICAL | 2023-01-05 | 2023-11-07 |
| CVE-2022-3928 json | Hardcoded credential is found in affected products' message queue. An attacker that manages to exploit this vulnerability wil... | 5.5 - MEDIUM | 2023-01-05 | 2023-11-07 |
| CVE-2022-3927 json | The affected products store both public and private key that are used to sign and protect Custom Parameter Set (CPS) file fro... | 9.8 - CRITICAL | 2023-01-05 | 2023-11-07 |